I often speak on ‘Secure Thinking’ to a variety of audiences, and share some suggestions on how they can keep themselves safer in their online lives. Here are those tips:
- Patch your systems regularly (Patch Tuesday is a great start)
- Run Anti-Malware, but don’t pay too much for it.
- Uninstall Flash completely. If you need it, run it inside Google Chrome (and only use Chrome for Flash sites). Likewise with Java in your web browser.
- Stay off the seedy side of the net
- Only install software from trusted sources
- Don’t click links in emails.
- Avoid Wi-Fi hotspots, or use a personal VPN if you need to use them. I use getcloak.com
- Never, ever use a public computer, for anything. It’s like swimming in a sewer.
- If you find a USB thumb drive, destroy it – never plug it in.
- Encrypt your data – FileVault or BitLocker
- Backup your data to a trusted repository
- Use robust, unique passwords for every site. I use 1Password from agilebits.com to manage mine (and store a copy of the file with another family member)
- Enable two factor authentication when it’s offered
- Enable a passcode on your phone. If it’s iOS or a Google Nexus running Marshmallow or newer, consider using the fingerprint reader to make it more usable.
- Only use Google Nexus Android devices to ensure you can stay current
- When asked for secret questions, lie – and record those lies in 1Password.
- Lie to websites that ask for information they don’t need – why does a game company need my real birthday?
- If you receive an inbound phone call, don’t assume it’s real. Hang up without sharing any information and call the bank/insurance company/etc back from the number on your card or statement.
- Get a credit freeze – not credit monitoring. Brian Krebs has a great article on this. Store your PIN in 1Password, and keep a backup copy of the vault in a safe place.
In the end, it boils down to simply being aware.
Think about security!